Privacy Policy

Last updated: 2025-11-20

This Privacy Policy explains how Unravelers Technologies (FZE) ("we", "us", or "our") collects, uses, shares, and protects personal information when you use the iHRMS platform at https://ihrms.io, our applications, and associated services (collectively, the "Service").

By accessing or using the Service, you agree to the practices described in this Privacy Policy. If you do not agree, you should stop using the Service.

1. Scope and Roles

iHRMS is an HR SaaS platform that helps organizations manage their employees and HR operations. In many cases:

Your employer or organization acts as the primary data controller for HR data processed through the Service.
We act as a data processor or service provider, processing personal data on behalf of your organization according to their instructions.

This Policy applies to personal information that we handle in connection with the provision of the Service. Your organization’s own privacy notices and policies may also apply, especially where your employer defines how your HR data is used.

2. Information We Collect

2.1 Information You or Your Organization Provide

Account information: Name, email address, phone number, job title, password, and similar details for administrator and user accounts.
Organization information: Company name, business contact details, billing information, subscription details, and configuration preferences.
HR and employee data: Data entered or imported into iHRMS by your organization, which may include:
- Employee identifiers and contact details.
- Employment history, job roles, departments, and reporting lines.
- Attendance, leave, shift, and scheduling data.
- Performance records, appraisal information, feedback, and goals.
- Documents and records such as contracts, policies, or HR letters.
- Payroll-related information such as salary, allowances, and deductions (excluding full payment card details, which are handled by payment providers where applicable).
Support and communication: Information shared when you contact us for help, submit tickets, provide feedback, or respond to surveys.

2.2 Information Collected Automatically

Usage and log data: IP address, browser type, device identifiers, operating system, pages visited, actions taken within the Service, time and date of access, and other interaction data that helps us operate and secure the platform.
Technical and diagnostic data: Error logs, performance metrics, and telemetry data used to monitor and improve the Service.
Cookies and similar technologies: Information collected through cookies, web beacons, and similar tools to support sign-in, remember preferences, enhance security, and analyze usage.

2.3 Information from Third Parties

Integrated services: Data received from systems that your organization chooses to integrate with iHRMS, such as identity providers, payroll or accounting systems, or communication tools.
Service providers: Limited information from payment processors, analytics providers, or security services that help us deliver the Service.

3. How We Use Personal Information

We use personal information for the following purposes:

To provide, operate, and maintain the iHRMS platform and related services.
To set up and manage user accounts and organization configurations.
To process subscription fees, invoices, and payments through trusted payment providers.
To support HR workflows such as onboarding, attendance, leave management, performance reviews, and related HR processes as configured by your organization.
To communicate with administrators and users about updates, security alerts, changes to the Service, and administrative messages.
To provide technical support, handle requests, and resolve issues.
To monitor usage, maintain security, prevent fraud or misuse, and protect our users and systems.
To improve and develop the Service, including through aggregated or anonymized analytics.
To comply with applicable laws, regulations, and legal obligations.
Where allowed, to send product-related information, updates, and limited marketing communications, with the ability to opt out.

4. Legal Bases and Responsibilities

In many cases, we process personal data on behalf of your organization under a contract or service agreement. Your organization is responsible for ensuring that there is a valid legal basis for processing HR data in iHRMS and for providing appropriate privacy notices to employees.

Where we act in our own capacity (for example, for our website visitors, account owners, or direct marketing), we rely on lawful bases such as performance of a contract, legitimate interests, consent where required, and compliance with legal obligations, as applicable.

5. How We Share Personal Information

We may share personal information with:

Your organization: HR administrators and authorized users within your organization who manage iHRMS.
Service providers: Trusted third parties that perform services on our behalf, such as hosting providers, email services, analytics tools, backup services, and payment processors. They are bound by obligations to protect personal data and use it only for the services they provide to us.
Integration partners: Third-party systems or tools that your organization connects with iHRMS, based on your organization’s instructions and configuration.
Professional advisors: Legal, accounting, or other advisors when necessary for legitimate business purposes.
Authorities and legal requests: When required by applicable laws, regulations, legal processes, or enforceable requests, or to protect our rights, property, users, or the public.
Business transfers: In connection with a merger, acquisition, restructuring, or sale of assets. We will take appropriate steps to ensure that privacy protections are maintained.

We do not sell personal information for monetary consideration.

6. International Transfers

The Service may involve storing or processing personal information in different locations using cloud infrastructure and service providers. These locations may have data protection rules that differ from those in the place where individuals are located.

We take reasonable steps to ensure that personal information is protected with appropriate technical, contractual, and organizational safeguards during such transfers.

7. Data Security

We use reasonable technical and organizational measures to protect personal information against unauthorized access, loss, misuse, or alteration. These measures may include encryption, access controls, logging, network security, and regular security assessments.

No system is completely secure, and we cannot guarantee absolute security. You also share responsibility for security by keeping your login credentials confidential and using secure networks and devices when accessing the Service.

8. Data Retention

We retain personal information for as long as necessary to provide the Service to your organization, to fulfill the purposes described in this Policy, and to comply with applicable legal, accounting, or reporting obligations.

Retention periods may be defined by your organization’s configuration and policies. When data is no longer needed, we will delete or anonymize it, subject to any legal or contractual requirements.

9. Your Rights and Choices

Depending on applicable laws and your relationship with us, you or the individuals whose data is processed may have certain rights, which can include:

Access to personal information held about them.
Correction of inaccurate or incomplete information.
Deletion of personal information in certain circumstances.
Restriction or objection to specific types of processing.
Withdrawal of consent where processing is based on consent.
Portability of data in a structured, commonly used, and machine-readable format where applicable.

Employees and other individuals whose data is managed by iHRMS should generally contact their employer or organization (the iHRMS customer) to exercise these rights, as the organization usually controls the data. We will support the organization in responding to such requests as required.

For rights related to data we control directly (for example, iHRMS account owners or website visitors), you can contact us at the email below. We may need to verify your identity before responding, and we will handle requests in line with applicable laws.

10. Cookies and Similar Technologies

We use cookies and similar technologies to enable key functionality, keep you signed in, remember your preferences, secure the Service, and understand how the Service is used.

You can adjust cookie settings in your browser. If you block or disable some cookies, certain features of the Service may not function properly.

11. Children’s Privacy

The Service is intended for use by organizations and adults in a professional context. It is not directed at children. We do not knowingly collect personal information from individuals who are considered children under applicable law. If we become aware that such information has been collected, we will take appropriate steps to delete it.

12. Third-Party Websites and Services

The Service may include links to third-party websites or services. This Privacy Policy does not apply to those third parties. We encourage you to review their privacy policies before providing any personal information to them.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, the Service, or applicable requirements. When we do, we will post the updated Policy on the Service and update the "Last updated" date above. In some cases, we may provide additional notice, such as email or in-product notifications.

Your continued use of the Service after an updated Policy is posted means you accept the changes.

14. Contact Us

If you have any questions, concerns, or requests related to this Privacy Policy or our handling of personal information, you can contact us at:

Company: Unravelers Technologies (FZE)
Product: iHRMS
Website: https://unravelers.tech
Product Website: https://ihrms.io
Email: info@ihrms.io
Address: Block B, Office - B51-140 SRTIP, Sharjah, United Arab Emirates